Introduction to Containers
To best understand what a container is, let’s first take a step back to better understand the high level of how an operating system works, specifically evaluating the difference between the kernel space and the user space.
Here you will see the fundamental pieces of an operating system (Linux). It is broken into two parts, the kernel which interacts with hardware and provides an interface for all applications, libraries, scripts and services to run. All of these applications, libraries and portions of the computer that we use as the “runtime” all are part of the user space.
It is important to see this differentiation because the user space is the foundation of a container…
A Container subsystem allows for one to encapsulate an entire user space into an image that allows it to be moved from one location to another. Think of it as a new packaging paradigm that allows one to package up not only an application, but also the entire user space.
But packaging is just one aspect, the next facet is how to use these containers! The Linux kernel provides some mechanisms to virtualize certain aspects of the environment. Using these features, a container subsystem can swap in and out alternate user spaces in such a way to provide a pseudo level of virtualization (also known as kernel-level virtualization).
This is very advantageous for performance reasons and being super lightweight…
Once the user space has been packaged up, it lends itself to several very interesting outcomes… Namely, reproducibility and mobility.